Описание
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 2.9.0dev.6-3 |
| esm-apps/bionic | released | 2.8.9dev16-3ubuntu0.1~esm1 |
| esm-apps/focal | released | 2.9.0dev.5-1ubuntu0.1~esm1 |
| esm-apps/jammy | not-affected | 2.9.0dev.6-3 |
| esm-apps/noble | not-affected | 2.9.0dev.6-3 |
| esm-apps/xenial | released | 2.8.9dev8-4ubuntu1+esm2 |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needed |
| hirsute | ignored | end of life |
Показывать по
Ссылки на источники
EPSS
2.6 Low
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, whic ...
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.
Уязвимость подкомпонента userinfo текстового веб-браузера Lynx, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю получить доступ к конфиденциальным данным
EPSS
2.6 Low
CVSS2
5.3 Medium
CVSS3